30 matches found
EUVD-2008-0303
Malware in sbrugna...
EUVD-2005-2218
Malware in sbrugna...
EUVD-2008-0268
Malware in sbrugna...
EUVD-2000-1225
Malware in sbrugna...
EUVD-2000-0253
Malware in sbrugna...
EUVD-2000-0252
Malware in sbrugna...
CVE-2005-2217
Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables...
CVE-2008-0292
CVE-2008-0292 is an XSS vulnerability in Dansie Photo Album 1.0, specifically in photo_album.pl, where attacker-supplied input in the search parameter can inject arbitrary web script or HTML. The connected sources confirm the affected component is Dansie Photo Album 1.0 and the vulnerability type...
CVE-2008-0257
Cross-site scripting XSS vulnerability in search.pl in Dansie Search Engine 2.7 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2008-0257
The CVE-2008-0257 entry describes a Cross-site scripting (XSS) vulnerability in Dansie Search Engine 2.7, specifically in search.pl, exploitable via the keywords parameter. This allows remote attackers to inject arbitrary web script or HTML. The public records provided do not specify affected ver...
CVE-2003-1517
CVE-2003-1517 affects the Dansie cart: cart.pl permits an invalid db parameter to leak the installation path in an error message, enabling information disclosure. The available documents specify the vulnerable component and the leak, but do not include explicit exploit details or a remediation pa...
CVE-2003-1517
cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message...
CVE-2000-1243
Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers...
CVE-2000-1243
The CVE-2000-1243 entry concerns Dansie Shopping Cart 3.04 (likely earlier) with a privacy leak where sensitive data, including user credentials, is sent to an email address controlled by the product developers. The vulnerability is described as a data leakage issue rather than a remote code exec...
Dansie Cart Script Exploit Reported
Synopsis : This program -deliberately- allows arbitrary commands to be executed on the victim server. One of our clients, while installing and configuring the Dansie Shopping Cart, ran into difficulty integrating PGP, the shopping cart program, and our secure server setup. While trying to assist...
CVE-2005-2217
Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, which might allow remote attackers to obtain sensitive information such as program variables...
CVE-2005-2217
Dansie Shopping Cart stores the vars.dat file under the web root with insufficient access control, allowing remote attackers to obtain sensitive information such as program variables. The issue is classified with a CVSS v2 base score of 5.0 (Network attack vector, Low attack complexity, Confident...
CVE-2003-1517
cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message...
Dansie Shopping Cart Discloses Installation Path to Remote Users
Indonesia Security Development Team Advisory Dansie Shopping Cart Discloses Installation Path to Remote Users ================================================================ Advisory Name: Dansie Shopping Cart Discloses Installation Path to Remote Users Release Date: 5:21 AM 10/20/03 Application...
Dansie Shopping Cart - Server Error Message Installation Full Path Disclosure
source: https://www.securityfocus.com/bid/8860/info Dansie Shopping Cart is reported to be prone to path disclosre issue in the 'db' parameter of 'cart.pl' that may lead to an attacker gaining sensitive information about the installation path of the system. Information gained by exploiting this...